@ai-pip/core 0.2.0 → 0.4.0

package/dist/AAL/constants.d.ts

@@ -0,0 +1,15 @@
+/**
+ * AAL display constants - semantic mapping for SDK/UI.
+ * Used for consistent display of AAL decisions (e.g. colors).
+ */
+import type { AnomalyAction } from './types.js';
+/**
+ * Display color for each AAL action.
+ * SDK/UI can use this for consistent styling (e.g. green = allow, yellow = warn, red = block).
+ */
+export declare const ACTION_DISPLAY_COLORS: Record<AnomalyAction, string>;
+/**
+ * Returns the display color for an AAL action.
+ */
+export declare function getActionDisplayColor(action: AnomalyAction): string;
+//# sourceMappingURL=constants.d.ts.map

package/dist/AAL/constants.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/AAL/constants.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAA;AAE/C;;;GAGG;AACH,eAAO,MAAM,qBAAqB,EAAE,MAAM,CAAC,aAAa,EAAE,MAAM,CAI9D,CAAA;AAEF;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,aAAa,GAAG,MAAM,CAEnE"}

package/dist/AAL/constants.js

@@ -0,0 +1,20 @@
+/**
+ * AAL display constants - semantic mapping for SDK/UI.
+ * Used for consistent display of AAL decisions (e.g. colors).
+ */
+/**
+ * Display color for each AAL action.
+ * SDK/UI can use this for consistent styling (e.g. green = allow, yellow = warn, red = block).
+ */
+export const ACTION_DISPLAY_COLORS = Object.freeze({
+    ALLOW: 'green',
+    WARN: 'yellow',
+    BLOCK: 'red'
+});
+/**
+ * Returns the display color for an AAL action.
+ */
+export function getActionDisplayColor(action) {
+    return ACTION_DISPLAY_COLORS[action];
+}
+//# sourceMappingURL=constants.js.map

package/dist/AAL/constants.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/AAL/constants.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH;;;GAGG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAkC,MAAM,CAAC,MAAM,CAAC;IAChF,KAAK,EAAE,OAAO;IACd,IAAI,EAAE,QAAQ;IACd,KAAK,EAAE,KAAK;CACb,CAAC,CAAA;AAEF;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,MAAqB;IACzD,OAAO,qBAAqB,CAAC,MAAM,CAAC,CAAA;AACtC,CAAC"}

package/dist/AAL/index.d.ts

@@ -11,7 +11,7 @@
  * **Architecture:**
  * - Consumes ISLSignal (not ISLResult) to maintain layer separation
  * - Applies configurable policies (ALLOW/WARN/BLOCK)
- * - Builds instruction removal plans
+ * - Builds remediation plans (what to do, not how; SDK/AI agent performs cleanup)
  * - Does not execute actions (that is SDK responsibility)
  *
  * **Does NOT contain:**
@@ -21,8 +21,9 @@
  */
 export { createAnomalyScore, isHighRisk, isLowRisk, isWarnRisk, isRoleProtected, isContextLeakPreventionEnabled, isInstructionImmutable, isIntentBlocked, isScopeSensitive } from './value-objects/index.js';
 export type { AnomalyScore, PolicyRule } from './value-objects/index.js';
-export { resolveAgentAction, resolveAgentActionWithScore, buildDecisionReason, buildRemovalPlan } from './process/index.js';
-export type { DecisionReason, RemovalPlan } from './process/index.js';
+export { resolveAgentAction, resolveAgentActionWithScore, buildDecisionReason, buildRemediationPlan, validateAgentPolicyThresholds } from './process/index.js';
+export type { DecisionReason } from './process/index.js';
 export { buildAALLineage } from './lineage/index.js';
-export type { AnomalyAction, RemovedInstruction, BlockedIntent, SensitiveScope, ProtectedRole, ImmutableInstruction, AgentPolicy, } from './types.js';
+export { ACTION_DISPLAY_COLORS, getActionDisplayColor } from './constants.js';
+export type { AnomalyAction, RemediationPlan, BlockedIntent, SensitiveScope, ProtectedRole, ImmutableInstruction, AgentPolicy, } from './types.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/AAL/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/AAL/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAGH,OAAO,EACH,kBAAkB,EAClB,UAAU,EACV,SAAS,EACT,UAAU,EACV,eAAe,EACf,8BAA8B,EAC9B,sBAAsB,EACtB,eAAe,EACf,gBAAgB,EACnB,MAAM,0BAA0B,CAAA;AAEjC,YAAY,EACR,YAAY,EACZ,UAAU,EACb,MAAM,0BAA0B,CAAA;AAGjC,OAAO,EACH,kBAAkB,EAClB,2BAA2B,EAC3B,mBAAmB,EACnB,gBAAgB,EACnB,MAAM,oBAAoB,CAAA;AAE3B,YAAY,EACR,cAAc,EACd,WAAW,EACd,MAAM,oBAAoB,CAAA;AAG3B,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AAGpD,YAAY,EACR,aAAa,EACb,kBAAkB,EAClB,aAAa,EACb,cAAc,EACd,aAAa,EACb,oBAAoB,EACpB,WAAW,GACd,MAAM,YAAY,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/AAL/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAGH,OAAO,EACH,kBAAkB,EAClB,UAAU,EACV,SAAS,EACT,UAAU,EACV,eAAe,EACf,8BAA8B,EAC9B,sBAAsB,EACtB,eAAe,EACf,gBAAgB,EACnB,MAAM,0BAA0B,CAAA;AAEjC,YAAY,EACR,YAAY,EACZ,UAAU,EACb,MAAM,0BAA0B,CAAA;AAGjC,OAAO,EACH,kBAAkB,EAClB,2BAA2B,EAC3B,mBAAmB,EACnB,oBAAoB,EACpB,6BAA6B,EAChC,MAAM,oBAAoB,CAAA;AAE3B,YAAY,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAA;AAGxD,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AAGpD,OAAO,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,gBAAgB,CAAA;AAG7E,YAAY,EACR,aAAa,EACb,eAAe,EACf,aAAa,EACb,cAAc,EACd,aAAa,EACb,oBAAoB,EACpB,WAAW,GACd,MAAM,YAAY,CAAA"}

package/dist/AAL/index.js

@@ -11,7 +11,7 @@
  * **Architecture:**
  * - Consumes ISLSignal (not ISLResult) to maintain layer separation
  * - Applies configurable policies (ALLOW/WARN/BLOCK)
- * - Builds instruction removal plans
+ * - Builds remediation plans (what to do, not how; SDK/AI agent performs cleanup)
  * - Does not execute actions (that is SDK responsibility)
  *
  * **Does NOT contain:**
@@ -22,7 +22,9 @@
 // Value objects
 export { createAnomalyScore, isHighRisk, isLowRisk, isWarnRisk, isRoleProtected, isContextLeakPreventionEnabled, isInstructionImmutable, isIntentBlocked, isScopeSensitive } from './value-objects/index.js';
 // Process functions
-export { resolveAgentAction, resolveAgentActionWithScore, buildDecisionReason, buildRemovalPlan } from './process/index.js';
+export { resolveAgentAction, resolveAgentActionWithScore, buildDecisionReason, buildRemediationPlan, validateAgentPolicyThresholds } from './process/index.js';
 // Lineage
 export { buildAALLineage } from './lineage/index.js';
+// Display constants (for SDK/UI)
+export { ACTION_DISPLAY_COLORS, getActionDisplayColor } from './constants.js';
 //# sourceMappingURL=index.js.map

package/dist/AAL/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/AAL/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,gBAAgB;AAChB,OAAO,EACH,kBAAkB,EAClB,UAAU,EACV,SAAS,EACT,UAAU,EACV,eAAe,EACf,8BAA8B,EAC9B,sBAAsB,EACtB,eAAe,EACf,gBAAgB,EACnB,MAAM,0BAA0B,CAAA;AAOjC,oBAAoB;AACpB,OAAO,EACH,kBAAkB,EAClB,2BAA2B,EAC3B,mBAAmB,EACnB,gBAAgB,EACnB,MAAM,oBAAoB,CAAA;AAO3B,UAAU;AACV,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/AAL/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,gBAAgB;AAChB,OAAO,EACH,kBAAkB,EAClB,UAAU,EACV,SAAS,EACT,UAAU,EACV,eAAe,EACf,8BAA8B,EAC9B,sBAAsB,EACtB,eAAe,EACf,gBAAgB,EACnB,MAAM,0BAA0B,CAAA;AAOjC,oBAAoB;AACpB,OAAO,EACH,kBAAkB,EAClB,2BAA2B,EAC3B,mBAAmB,EACnB,oBAAoB,EACpB,6BAA6B,EAChC,MAAM,oBAAoB,CAAA;AAI3B,UAAU;AACV,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AAEpD,iCAAiC;AACjC,OAAO,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,gBAAgB,CAAA"}

package/dist/AAL/process/applyRemovalPlan.d.ts

@@ -0,0 +1,23 @@
+/**
+ * applyRemovalPlan - Applies a removal plan to ISL result (pure, deterministic).
+ *
+ * @remarks
+ * For each segment, only instructions with segmentId === segment.id are applied.
+ * Each instruction's position is in segment-local coordinates (indices within that
+ * segment's sanitizedContent). We remove only those ranges from that segment's string,
+ * then return a new ISLResult. Do not mix positions from one segment with another or
+ * use document-level offsets; this avoids corrupting legitimate content.
+ */
+import type { RemovalPlan } from './buildRemovalPlan.js';
+import type { ISLResult } from '../../isl/types.js';
+/**
+ * Applies a removal plan to an ISL result.
+ * Produces a new ISLResult with segment sanitizedContent updated (malicious ranges removed).
+ * Instructions without segmentId are ignored. Positions are clamped to [0, content.length] per segment; invalid or empty ranges are dropped. Lineage and metadata are preserved.
+ *
+ * @param islResult - ISL result (segments with sanitizedContent and optional piDetection)
+ * @param plan - Removal plan from buildRemovalPlanFromResult (must include segmentIds for removal)
+ * @returns New ISLResult with sanitizedContent updated per segment
+ */
+export declare function applyRemovalPlan(islResult: ISLResult, plan: RemovalPlan): ISLResult;
+//# sourceMappingURL=applyRemovalPlan.d.ts.map

package/dist/AAL/process/applyRemovalPlan.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"applyRemovalPlan.d.ts","sourceRoot":"","sources":["../../../src/AAL/process/applyRemovalPlan.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAA;AACxD,OAAO,KAAK,EAAE,SAAS,EAAc,MAAM,oBAAoB,CAAA;AAwG/D;;;;;;;;GAQG;AACH,wBAAgB,gBAAgB,CAAC,SAAS,EAAE,SAAS,EAAE,IAAI,EAAE,WAAW,GAAG,SAAS,CAwCnF"}

package/dist/AAL/process/applyRemovalPlan.js

@@ -0,0 +1,157 @@
+/**
+ * applyRemovalPlan - Applies a removal plan to ISL result (pure, deterministic).
+ *
+ * @remarks
+ * For each segment, only instructions with segmentId === segment.id are applied.
+ * Each instruction's position is in segment-local coordinates (indices within that
+ * segment's sanitizedContent). We remove only those ranges from that segment's string,
+ * then return a new ISLResult. Do not mix positions from one segment with another or
+ * use document-level offsets; this avoids corrupting legitimate content.
+ */
+/**
+ * Clamps position ranges to valid [0, contentLength) and drops empty or invalid ranges.
+ * Ensures 0 <= start <= end <= contentLength and start < end.
+ */
+function clampRangesToContent(ranges, contentLength) {
+    if (contentLength <= 0 || ranges.length === 0)
+        return [];
+    const result = [];
+    for (const r of ranges) {
+        const start = Math.max(0, Math.min(Number(r.start), contentLength));
+        const end = Math.max(0, Math.min(Number(r.end), contentLength));
+        if (start < end)
+            result.push({ start, end });
+    }
+    return result;
+}
+/**
+ * Merges overlapping ranges (start inclusive, end exclusive). Sorted by start.
+ */
+function mergeRanges(ranges) {
+    if (ranges.length === 0)
+        return [];
+    const sorted = [...ranges].sort((a, b) => a.start - b.start);
+    const merged = [{ start: sorted[0].start, end: sorted[0].end }];
+    for (let i = 1; i < sorted.length; i++) {
+        const r = sorted[i];
+        const last = merged.at(-1);
+        if (r.start <= last.end) {
+            merged[merged.length - 1] = { start: last.start, end: Math.max(last.end, r.end) };
+        }
+        else {
+            merged.push({ start: r.start, end: r.end });
+        }
+    }
+    return merged;
+}
+/** Max gap (chars) between ranges to consider for merging when gap is only punctuation/whitespace */
+const MAX_PUNCTUATION_GAP = 10;
+/** True if the substring is only whitespace and/or common punctuation (no words). */
+function isOnlyPunctuationOrWhitespace(s) {
+    return /^[\s.,;:!?'"-]*$/.test(s);
+}
+/**
+ * Merges consecutive ranges when the gap between them is only punctuation/whitespace,
+ * so we remove one contiguous block instead of leaving fragments like ", . ".
+ */
+function mergeAdjacentByPunctuation(ranges, content) {
+    if (ranges.length <= 1)
+        return [...ranges];
+    const result = [{ ...ranges[0] }];
+    for (let i = 1; i < ranges.length; i++) {
+        const r = ranges[i];
+        const last = result.at(-1);
+        const gapStart = last.end;
+        const gapEnd = r.start;
+        if (gapEnd > gapStart && gapEnd - gapStart <= MAX_PUNCTUATION_GAP) {
+            const gap = content.slice(gapStart, gapEnd);
+            if (isOnlyPunctuationOrWhitespace(gap)) {
+                result[result.length - 1] = { start: last.start, end: r.end };
+                continue;
+            }
+        }
+        result.push({ ...r });
+    }
+    return result;
+}
+/**
+ * Removes given ranges from content. Ranges must be non-overlapping and sorted by start.
+ */
+function removeRanges(content, ranges) {
+    if (ranges.length === 0)
+        return content;
+    let result = '';
+    let pos = 0;
+    for (const r of ranges) {
+        if (r.start > pos)
+            result += content.slice(pos, r.start);
+        pos = Math.max(pos, r.end);
+    }
+    if (pos < content.length)
+        result += content.slice(pos);
+    return result;
+}
+function assertApplyRemovalPlanArgs(islResult, plan) {
+    if (islResult == null || typeof islResult !== 'object') {
+        throw new TypeError('AAL applyRemovalPlan: islResult must be a non-null object');
+    }
+    if (!Array.isArray(islResult.segments)) {
+        throw new TypeError('AAL applyRemovalPlan: islResult.segments must be an array');
+    }
+    if (plan == null || typeof plan !== 'object') {
+        throw new TypeError('AAL applyRemovalPlan: plan must be a non-null object');
+    }
+    if (!Array.isArray(plan.instructionsToRemove)) {
+        throw new TypeError('AAL applyRemovalPlan: plan.instructionsToRemove must be an array');
+    }
+}
+/**
+ * Applies a removal plan to an ISL result.
+ * Produces a new ISLResult with segment sanitizedContent updated (malicious ranges removed).
+ * Instructions without segmentId are ignored. Positions are clamped to [0, content.length] per segment; invalid or empty ranges are dropped. Lineage and metadata are preserved.
+ *
+ * @param islResult - ISL result (segments with sanitizedContent and optional piDetection)
+ * @param plan - Removal plan from buildRemovalPlanFromResult (must include segmentIds for removal)
+ * @returns New ISLResult with sanitizedContent updated per segment
+ */
+export function applyRemovalPlan(islResult, plan) {
+    assertApplyRemovalPlanArgs(islResult, plan);
+    if (!plan.shouldRemove || plan.instructionsToRemove.length === 0) {
+        return islResult;
+    }
+    // Group instructions by segmentId. Each instruction's position is segment-local
+    // (indices within that segment's sanitizedContent). We never use positions from
+    // one segment on another segment or any global document offset.
+    const bySegmentId = new Map();
+    for (const inst of plan.instructionsToRemove) {
+        if (inst.segmentId == null)
+            continue;
+        const list = bySegmentId.get(inst.segmentId) ?? [];
+        list.push(inst.position);
+        bySegmentId.set(inst.segmentId, list);
+    }
+    if (bySegmentId.size === 0)
+        return islResult;
+    // For each segment, take only instructions with segmentId === segment.id,
+    // apply those ranges only to this segment's sanitizedContent, produce new segment.
+    const newSegments = islResult.segments.map((seg) => {
+        const ranges = bySegmentId.get(seg.id);
+        if (ranges == null || ranges.length === 0)
+            return seg;
+        const content = seg.sanitizedContent ?? '';
+        const len = typeof content === 'string' ? content.length : 0;
+        const clamped = clampRangesToContent(ranges, len);
+        if (clamped.length === 0)
+            return seg;
+        const merged = mergeRanges(clamped);
+        const mergedAdjacent = mergeAdjacentByPunctuation(merged, content);
+        const newContent = removeRanges(content, mergedAdjacent);
+        return { ...seg, sanitizedContent: newContent };
+    });
+    return {
+        segments: Object.freeze(newSegments),
+        lineage: islResult.lineage,
+        metadata: islResult.metadata
+    };
+}
+//# sourceMappingURL=applyRemovalPlan.js.map

package/dist/AAL/process/applyRemovalPlan.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"applyRemovalPlan.js","sourceRoot":"","sources":["../../../src/AAL/process/applyRemovalPlan.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAMH;;;GAGG;AACH,SAAS,oBAAoB,CAC3B,MAA2B,EAC3B,aAAqB;IAErB,IAAI,aAAa,IAAI,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAA;IACxD,MAAM,MAAM,GAAe,EAAE,CAAA;IAC7B,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,aAAa,CAAC,CAAC,CAAA;QACnE,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,aAAa,CAAC,CAAC,CAAA;QAC/D,IAAI,KAAK,GAAG,GAAG;YAAE,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;IAC9C,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,MAA2B;IAC9C,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAA;IAClC,MAAM,MAAM,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAA;IAC5D,MAAM,MAAM,GAAe,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAE,CAAC,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC,CAAE,CAAC,GAAG,EAAE,CAAC,CAAA;IAC7E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAE,CAAA;QACpB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAA;QAC3B,IAAI,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;YACxB,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAA;QACnF,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,CAAA;QAC7C,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,qGAAqG;AACrG,MAAM,mBAAmB,GAAG,EAAE,CAAA;AAE9B,qFAAqF;AACrF,SAAS,6BAA6B,CAAC,CAAS;IAC9C,OAAO,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;AACnC,CAAC;AAED;;;GAGG;AACH,SAAS,0BAA0B,CACjC,MAA2B,EAC3B,OAAe;IAEf,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC;QAAE,OAAO,CAAC,GAAG,MAAM,CAAC,CAAA;IAC1C,MAAM,MAAM,GAAe,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,CAAE,EAAE,CAAC,CAAA;IAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAE,CAAA;QACpB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAA;QAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAA;QACzB,MAAM,MAAM,GAAG,CAAC,CAAC,KAAK,CAAA;QACtB,IAAI,MAAM,GAAG,QAAQ,IAAI,MAAM,GAAG,QAAQ,IAAI,mBAAmB,EAAE,CAAC;YAClE,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;YAC3C,IAAI,6BAA6B,CAAC,GAAG,CAAC,EAAE,CAAC;gBACvC,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAA;gBAC7D,SAAQ;YACV,CAAC;QACH,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAA;IACvB,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CAAC,OAAe,EAAE,MAA2B;IAChE,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,OAAO,CAAA;IACvC,IAAI,MAAM,GAAG,EAAE,CAAA;IACf,IAAI,GAAG,GAAG,CAAC,CAAA;IACX,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,IAAI,CAAC,CAAC,KAAK,GAAG,GAAG;YAAE,MAAM,IAAI,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,KAAK,CAAC,CAAA;QACxD,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAA;IAC5B,CAAC;IACD,IAAI,GAAG,GAAG,OAAO,CAAC,MAAM;QAAE,MAAM,IAAI,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACtD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,SAAS,0BAA0B,CAAC,SAAoB,EAAE,IAAiB;IACzE,IAAI,SAAS,IAAI,IAAI,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACvD,MAAM,IAAI,SAAS,CAAC,2DAA2D,CAAC,CAAA;IAClF,CAAC;IACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,SAAS,CAAC,2DAA2D,CAAC,CAAA;IAClF,CAAC;IACD,IAAI,IAAI,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC7C,MAAM,IAAI,SAAS,CAAC,sDAAsD,CAAC,CAAA;IAC7E,CAAC;IACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,oBAAoB,CAAC,EAAE,CAAC;QAC9C,MAAM,IAAI,SAAS,CAAC,kEAAkE,CAAC,CAAA;IACzF,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,gBAAgB,CAAC,SAAoB,EAAE,IAAiB;IACtE,0BAA0B,CAAC,SAAS,EAAE,IAAI,CAAC,CAAA;IAE3C,IAAI,CAAC,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,oBAAoB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjE,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,gFAAgF;IAChF,gFAAgF;IAChF,gEAAgE;IAChE,MAAM,WAAW,GAAG,IAAI,GAAG,EAAsB,CAAA;IACjD,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC7C,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI;YAAE,SAAQ;QACpC,MAAM,IAAI,GAAG,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,CAAA;QAClD,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACxB,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAA;IACvC,CAAC;IAED,IAAI,WAAW,CAAC,IAAI,KAAK,CAAC;QAAE,OAAO,SAAS,CAAA;IAE5C,0EAA0E;IAC1E,mFAAmF;IACnF,MAAM,WAAW,GAAiB,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAC/D,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QACtC,IAAI,MAAM,IAAI,IAAI,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,GAAG,CAAA;QACrD,MAAM,OAAO,GAAG,GAAG,CAAC,gBAAgB,IAAI,EAAE,CAAA;QAC1C,MAAM,GAAG,GAAG,OAAO,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAA;QAC5D,MAAM,OAAO,GAAG,oBAAoB,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;QACjD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,GAAG,CAAA;QACpC,MAAM,MAAM,GAAG,WAAW,CAAC,OAAO,CAAC,CAAA;QACnC,MAAM,cAAc,GAAG,0BAA0B,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;QAClE,MAAM,UAAU,GAAG,YAAY,CAAC,OAAO,EAAE,cAAc,CAAC,CAAA;QACxD,OAAO,EAAE,GAAG,GAAG,EAAE,gBAAgB,EAAE,UAAU,EAAE,CAAA;IACjD,CAAC,CAAC,CAAA;IAEF,OAAO;QACL,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC;QACpC,OAAO,EAAE,SAAS,CAAC,OAAO;QAC1B,QAAQ,EAAE,SAAS,CAAC,QAAQ;KAC7B,CAAA;AACH,CAAC"}

package/dist/AAL/process/buildDecisionReason.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"buildDecisionReason.d.ts","sourceRoot":"","sources":["../../../src/AAL/process/buildDecisionReason.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA;AAChD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAE9C;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,MAAM,EAAE,aAAa,CAAA;IAC9B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;IAC1B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;IAC1B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAA;IAC5B,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAA;CAChC;AAED;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CACjC,MAAM,EAAE,aAAa,EACrB,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,WAAW,GAClB,cAAc,CA2BhB"}
+{"version":3,"file":"buildDecisionReason.d.ts","sourceRoot":"","sources":["../../../src/AAL/process/buildDecisionReason.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA;AAChD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAG9C;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,MAAM,EAAE,aAAa,CAAA;IAC9B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;IAC1B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;IAC1B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAA;IAC5B,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAA;CAChC;AAwBD;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CACjC,MAAM,EAAE,aAAa,EACrB,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,WAAW,GAClB,cAAc,CAgChB"}

package/dist/AAL/process/buildDecisionReason.js

@@ -10,6 +10,23 @@
  * - Include risk score and threshold information
  * - Facilitate auditing and debugging
  */
+import { validateAgentPolicyThresholds } from './validatePolicy.js';
+const VALID_ACTIONS = new Set(['ALLOW', 'WARN', 'BLOCK']);
+function assertBuildDecisionReasonArgs(action, islSignal, policy) {
+    if (action == null || !VALID_ACTIONS.has(action)) {
+        throw new TypeError('AAL buildDecisionReason: action must be ALLOW, WARN, or BLOCK');
+    }
+    if (islSignal == null || typeof islSignal !== 'object') {
+        throw new TypeError('AAL buildDecisionReason: islSignal must be a non-null object');
+    }
+    if (typeof islSignal.riskScore !== 'number') {
+        throw new TypeError('AAL buildDecisionReason: islSignal.riskScore must be a number');
+    }
+    if (policy == null || typeof policy !== 'object') {
+        throw new TypeError('AAL buildDecisionReason: policy must be a non-null object');
+    }
+    validateAgentPolicyThresholds(policy);
+}
 /**
  * Builds the reason for a decision
  *
@@ -19,6 +36,9 @@
  * @returns DecisionReason with complete information
  */
 export function buildDecisionReason(action, islSignal, policy) {
+    assertBuildDecisionReasonArgs(action, islSignal, policy);
+    const detectionCount = islSignal.piDetection?.detections?.length ?? 0;
+    const hasThreats = islSignal.hasThreats === true && detectionCount > 0;
     let threshold;
     let reason;
     if (action === 'BLOCK') {
@@ -33,16 +53,16 @@ export function buildDecisionReason(action, islSignal, policy) {
         threshold = policy.thresholds.warn;
         reason = `Risk score ${islSignal.riskScore.toFixed(3)} is below warn threshold ${threshold.toFixed(3)}`;
     }
-    if (islSignal.hasThreats) {
-        reason += `. ${islSignal.piDetection.detections.length} threat(s) detected.`;
+    if (hasThreats) {
+        reason += `. ${detectionCount} threat(s) detected.`;
     }
     return {
         action,
         riskScore: islSignal.riskScore,
         threshold,
         reason,
-        hasThreats: islSignal.hasThreats,
-        detectionCount: islSignal.piDetection.detections.length
+        hasThreats,
+        detectionCount
     };
 }
 //# sourceMappingURL=buildDecisionReason.js.map

package/dist/AAL/process/buildDecisionReason.js.map

@@ -1 +1 @@
-{"version":3,"file":"buildDecisionReason.js","sourceRoot":"","sources":["../../../src/AAL/process/buildDecisionReason.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAkBH;;;;;;;GAOG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAqB,EACrB,SAAoB,EACpB,MAAmB;IAEnB,IAAI,SAAiB,CAAA;IACrB,IAAI,MAAc,CAAA;IAElB,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAA;QACnC,MAAM,GAAG,cAAc,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,4BAA4B,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAA;IACzG,CAAC;SAAM,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QAC7B,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,IAAI,CAAA;QAClC,MAAM,GAAG,cAAc,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,2BAA2B,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,+BAA+B,CAAA;IACrI,CAAC;SAAM,CAAC;QACN,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,IAAI,CAAA;QAClC,MAAM,GAAG,cAAc,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,4BAA4B,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAA;IACzG,CAAC;IAED,IAAI,SAAS,CAAC,UAAU,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,SAAS,CAAC,WAAW,CAAC,UAAU,CAAC,MAAM,sBAAsB,CAAA;IAC9E,CAAC;IAED,OAAO;QACL,MAAM;QACN,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,SAAS;QACT,MAAM;QACN,UAAU,EAAE,SAAS,CAAC,UAAU;QAChC,cAAc,EAAE,SAAS,CAAC,WAAW,CAAC,UAAU,CAAC,MAAM;KACxD,CAAA;AACH,CAAC"}
+{"version":3,"file":"buildDecisionReason.js","sourceRoot":"","sources":["../../../src/AAL/process/buildDecisionReason.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAKH,OAAO,EAAE,6BAA6B,EAAE,MAAM,qBAAqB,CAAA;AAcnE,MAAM,aAAa,GAAG,IAAI,GAAG,CAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,CAAA;AAExE,SAAS,6BAA6B,CACpC,MAAqB,EACrB,SAAoB,EACpB,MAAmB;IAEnB,IAAI,MAAM,IAAI,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QACjD,MAAM,IAAI,SAAS,CAAC,+DAA+D,CAAC,CAAA;IACtF,CAAC;IACD,IAAI,SAAS,IAAI,IAAI,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACvD,MAAM,IAAI,SAAS,CAAC,8DAA8D,CAAC,CAAA;IACrF,CAAC;IACD,IAAI,OAAO,SAAS,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;QAC5C,MAAM,IAAI,SAAS,CAAC,+DAA+D,CAAC,CAAA;IACtF,CAAC;IACD,IAAI,MAAM,IAAI,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QACjD,MAAM,IAAI,SAAS,CAAC,2DAA2D,CAAC,CAAA;IAClF,CAAC;IACD,6BAA6B,CAAC,MAAM,CAAC,CAAA;AACvC,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAqB,EACrB,SAAoB,EACpB,MAAmB;IAEnB,6BAA6B,CAAC,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,CAAA;IAExD,MAAM,cAAc,GAAG,SAAS,CAAC,WAAW,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC,CAAA;IACrE,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,KAAK,IAAI,IAAI,cAAc,GAAG,CAAC,CAAA;IAEtE,IAAI,SAAiB,CAAA;IACrB,IAAI,MAAc,CAAA;IAElB,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAA;QACnC,MAAM,GAAG,cAAc,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,4BAA4B,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAA;IACzG,CAAC;SAAM,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QAC7B,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,IAAI,CAAA;QAClC,MAAM,GAAG,cAAc,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,2BAA2B,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,+BAA+B,CAAA;IACrI,CAAC;SAAM,CAAC;QACN,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,IAAI,CAAA;QAClC,MAAM,GAAG,cAAc,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,4BAA4B,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAA;IACzG,CAAC;IAED,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,cAAc,sBAAsB,CAAA;IACrD,CAAC;IAED,OAAO;QACL,MAAM;QACN,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,SAAS;QACT,MAAM;QACN,UAAU;QACV,cAAc;KACf,CAAA;AACH,CAAC"}

package/dist/AAL/process/buildRemediationPlan.d.ts

@@ -0,0 +1,22 @@
+/**
+ * buildRemediationPlan - Builds a remediation plan (what to do, not how).
+ *
+ * @remarks
+ * AAL describes *what* to do: strategy, goals, constraints, and which segments
+ * are affected. The SDK (or an AI agent) is responsible for *how* to perform
+ * cleanup (e.g. using an AI tool to remove malicious instructions without
+ * affecting legitimate content).
+ */
+import type { RemediationPlan } from '../types.js';
+import type { AgentPolicy } from '../types.js';
+import type { ISLResult } from '../../isl/types.js';
+/**
+ * Builds a remediation plan from the ISL result and policy.
+ * Target segments are those with at least one detection; goals are derived from detection types.
+ *
+ * @param islResult - ISL result with segments and per-segment piDetection
+ * @param policy - Agent policy (remediation.enabled)
+ * @returns RemediationPlan for the SDK / AI agent to execute
+ */
+export declare function buildRemediationPlan(islResult: ISLResult, policy: AgentPolicy): RemediationPlan;
+//# sourceMappingURL=buildRemediationPlan.d.ts.map

package/dist/AAL/process/buildRemediationPlan.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"buildRemediationPlan.d.ts","sourceRoot":"","sources":["../../../src/AAL/process/buildRemediationPlan.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;AAClD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAC9C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AA2CnD;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAClC,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,WAAW,GAClB,eAAe,CA+BjB"}

package/dist/AAL/process/buildRemediationPlan.js

@@ -0,0 +1,81 @@
+/**
+ * buildRemediationPlan - Builds a remediation plan (what to do, not how).
+ *
+ * @remarks
+ * AAL describes *what* to do: strategy, goals, constraints, and which segments
+ * are affected. The SDK (or an AI agent) is responsible for *how* to perform
+ * cleanup (e.g. using an AI tool to remove malicious instructions without
+ * affecting legitimate content).
+ */
+import { validateAgentPolicyThresholds } from './validatePolicy.js';
+const STRATEGY_AI_CLEANUP = 'AI_CLEANUP';
+const DEFAULT_CONSTRAINTS = Object.freeze([
+    'preserve_user_intent',
+    'do_not_add_information',
+    'do_not_change_language'
+]);
+/** Maps ISL pattern_type to remediation goal (e.g. prompt-injection -> remove_prompt_injection). */
+function patternTypeToGoal(type) {
+    const normalized = type.replaceAll('-', '_').toLowerCase();
+    return `remove_${normalized}`;
+}
+const EMPTY_PLAN = Object.freeze({
+    strategy: STRATEGY_AI_CLEANUP,
+    goals: Object.freeze([]),
+    constraints: DEFAULT_CONSTRAINTS,
+    targetSegments: Object.freeze([]),
+    needsRemediation: false
+});
+function assertBuildRemediationPlanArgs(islResult, policy) {
+    if (islResult == null || typeof islResult !== 'object') {
+        throw new TypeError('AAL buildRemediationPlan: islResult must be a non-null object');
+    }
+    if (!Array.isArray(islResult.segments)) {
+        throw new TypeError('AAL buildRemediationPlan: islResult.segments must be an array');
+    }
+    if (policy == null || typeof policy !== 'object') {
+        throw new TypeError('AAL buildRemediationPlan: policy must be a non-null object');
+    }
+    const r = policy.remediation;
+    if (r == null || typeof r !== 'object' || typeof r.enabled !== 'boolean') {
+        throw new TypeError('AAL buildRemediationPlan: policy.remediation.enabled must be a boolean');
+    }
+    validateAgentPolicyThresholds(policy);
+}
+/**
+ * Builds a remediation plan from the ISL result and policy.
+ * Target segments are those with at least one detection; goals are derived from detection types.
+ *
+ * @param islResult - ISL result with segments and per-segment piDetection
+ * @param policy - Agent policy (remediation.enabled)
+ * @returns RemediationPlan for the SDK / AI agent to execute
+ */
+export function buildRemediationPlan(islResult, policy) {
+    assertBuildRemediationPlanArgs(islResult, policy);
+    if (!policy.remediation.enabled) {
+        return EMPTY_PLAN;
+    }
+    const targetSegments = [];
+    const goalsSet = new Set();
+    for (const segment of islResult.segments) {
+        const detections = segment.piDetection?.detections;
+        if (!Array.isArray(detections) || detections.length === 0)
+            continue;
+        targetSegments.push(segment.id);
+        for (const d of detections) {
+            const type = d.pattern_type ?? 'unknown';
+            goalsSet.add(patternTypeToGoal(type));
+        }
+    }
+    if (targetSegments.length === 0) {
+        return EMPTY_PLAN;
+    }
+    return Object.freeze({
+        strategy: STRATEGY_AI_CLEANUP,
+        goals: Object.freeze([...goalsSet].sort((a, b) => a.localeCompare(b))),
+        constraints: DEFAULT_CONSTRAINTS,
+        targetSegments: Object.freeze(targetSegments),
+        needsRemediation: true
+    });
+}
+//# sourceMappingURL=buildRemediationPlan.js.map

package/dist/AAL/process/buildRemediationPlan.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"buildRemediationPlan.js","sourceRoot":"","sources":["../../../src/AAL/process/buildRemediationPlan.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAMH,OAAO,EAAE,6BAA6B,EAAE,MAAM,qBAAqB,CAAA;AAEnE,MAAM,mBAAmB,GAAG,YAAY,CAAA;AAExC,MAAM,mBAAmB,GAAG,MAAM,CAAC,MAAM,CAAC;IACxC,sBAAsB;IACtB,wBAAwB;IACxB,wBAAwB;CAChB,CAAC,CAAA;AAEX,oGAAoG;AACpG,SAAS,iBAAiB,CAAC,IAAY;IACrC,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,CAAA;IAC1D,OAAO,UAAU,UAAU,EAAE,CAAA;AAC/B,CAAC;AAED,MAAM,UAAU,GAAoB,MAAM,CAAC,MAAM,CAAC;IAChD,QAAQ,EAAE,mBAAmB;IAC7B,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;IACxB,WAAW,EAAE,mBAAmB;IAChC,cAAc,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;IACjC,gBAAgB,EAAE,KAAK;CACxB,CAAC,CAAA;AAEF,SAAS,8BAA8B,CAAC,SAAoB,EAAE,MAAmB;IAC/E,IAAI,SAAS,IAAI,IAAI,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACvD,MAAM,IAAI,SAAS,CAAC,+DAA+D,CAAC,CAAA;IACtF,CAAC;IACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,SAAS,CAAC,+DAA+D,CAAC,CAAA;IACtF,CAAC;IACD,IAAI,MAAM,IAAI,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QACjD,MAAM,IAAI,SAAS,CAAC,4DAA4D,CAAC,CAAA;IACnF,CAAC;IACD,MAAM,CAAC,GAAG,MAAM,CAAC,WAAW,CAAA;IAC5B,IAAI,CAAC,IAAI,IAAI,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;QACzE,MAAM,IAAI,SAAS,CAAC,wEAAwE,CAAC,CAAA;IAC/F,CAAC;IACD,6BAA6B,CAAC,MAAM,CAAC,CAAA;AACvC,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,oBAAoB,CAClC,SAAoB,EACpB,MAAmB;IAEnB,8BAA8B,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IAEjD,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;QAChC,OAAO,UAAU,CAAA;IACnB,CAAC;IAED,MAAM,cAAc,GAAa,EAAE,CAAA;IACnC,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAU,CAAA;IAElC,KAAK,MAAM,OAAO,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;QACzC,MAAM,UAAU,GAAG,OAAO,CAAC,WAAW,EAAE,UAAU,CAAA;QAClD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC;YAAE,SAAQ;QACnE,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QAC/B,KAAK,MAAM,CAAC,IAAI,UAAoC,EAAE,CAAC;YACrD,MAAM,IAAI,GAAW,CAAC,CAAC,YAAY,IAAI,SAAS,CAAA;YAChD,QAAQ,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAA;QACvC,CAAC;IACH,CAAC;IAED,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChC,OAAO,UAAU,CAAA;IACnB,CAAC;IAED,OAAO,MAAM,CAAC,MAAM,CAAC;QACnB,QAAQ,EAAE,mBAAmB;QAC7B,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC;QACtE,WAAW,EAAE,mBAAmB;QAChC,cAAc,EAAE,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC;QAC7C,gBAAgB,EAAE,IAAI;KACvB,CAAC,CAAA;AACJ,CAAC"}

package/dist/AAL/process/buildRemovalPlan.d.ts

@@ -2,17 +2,19 @@
  * buildRemovalPlan - Builds a plan for instruction removal
  *
  * @remarks
- * This function builds a plan of which instructions should be removed
- * based on ISL detections and agent policy.
+ * Each instruction in the plan must be tied to one segment and one range in that segment:
+ * - segmentId: same as segment.id in ISLResult (so applyRemovalPlan knows which segment to cut).
+ * - position: { start, end } in segment-local coordinates (indices within segment.sanitizedContent).
+ * So "remove instruction X" means: in the segment with id segmentId, delete exactly [start, end) of that segment's sanitizedContent.
  *
- * **Responsibility:**
- * - Identify instructions to remove
- * - Create removal plan based on detections
- * - Does not execute the removal (that is SDK responsibility)
+ * Two entry points:
+ * - buildRemovalPlan(islSignal, policy): from signal only; no segmentId (descriptive).
+ * - buildRemovalPlanFromResult(islResult, policy): from result; includes segmentId and segment-local position for applyRemovalPlan.
  */
 import type { RemovedInstruction } from '../types.js';
-import type { ISLSignal } from '../../isl/signals.js';
 import type { AgentPolicy } from '../types.js';
+import type { ISLSignal } from '../../isl/signals.js';
+import type { ISLResult } from '../../isl/types.js';
 /**
  * Plan for instruction removal
  */
@@ -22,11 +24,27 @@ export interface RemovalPlan {
     readonly removalEnabled: boolean;
 }
 /**
- * Builds a plan for instruction removal
+ * Builds a plan for instruction removal from ISL signal (no segment ids).
+ * Use when you only have the signal; plan is descriptive. For actionable removal use buildRemovalPlanFromResult.
  *
  * @param islSignal - ISL signal with detections
  * @param policy - Agent policy
- * @returns RemovalPlan with instructions to remove
+ * @returns RemovalPlan with instructions to remove (no segmentId)
  */
 export declare function buildRemovalPlan(islSignal: ISLSignal, policy: AgentPolicy): RemovalPlan;
+/**
+ * Builds a plan for instruction removal from ISL result (with segment ids).
+ * Use with applyRemovalPlan to produce content with malicious ranges removed.
+ *
+ * Each instruction is built from one segment only:
+ * - segmentId = segment.id (so applyRemovalPlan knows which segment to cut).
+ * - position = detection.position as-is (already segment-local: indices within
+ *   that segment's sanitizedContent, from detectThreats run on that segment).
+ * No document-concatenated or global offsets are used.
+ *
+ * @param islResult - ISL result with segments and per-segment piDetection
+ * @param policy - Agent policy
+ * @returns RemovalPlan with instructions to remove (segmentId + segment-local position per instruction)
+ */
+export declare function buildRemovalPlanFromResult(islResult: ISLResult, policy: AgentPolicy): RemovalPlan;
 //# sourceMappingURL=buildRemovalPlan.d.ts.map

package/dist/AAL/process/buildRemovalPlan.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"buildRemovalPlan.d.ts","sourceRoot":"","sources":["../../../src/AAL/process/buildRemovalPlan.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAA;AACrD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAE9C;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,oBAAoB,EAAE,SAAS,kBAAkB,EAAE,CAAA;IAC5D,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAA;IAC9B,QAAQ,CAAC,cAAc,EAAE,OAAO,CAAA;CACjC;AAED;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAC9B,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,WAAW,GAClB,WAAW,CAkCb"}
+{"version":3,"file":"buildRemovalPlan.d.ts","sourceRoot":"","sources":["../../../src/AAL/process/buildRemovalPlan.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAA;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAC9C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAGnD;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,oBAAoB,EAAE,SAAS,kBAAkB,EAAE,CAAA;IAC5D,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAA;IAC9B,QAAQ,CAAC,cAAc,EAAE,OAAO,CAAA;CACjC;AA0CD;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAC9B,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,WAAW,GAClB,WAAW,CAoBb;AAWD;;;;;;;;;;;;;GAaG;AACH,wBAAgB,0BAA0B,CACxC,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,WAAW,GAClB,WAAW,CAoBb"}